This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: [RFC] Implement Undefined Behavior Sanitizer
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Segher Boessenkool <segher at kernel dot crashing dot org>
- Cc: Marek Polacek <polacek at redhat dot com>, Jason Merrill <jason at redhat dot com>, "Joseph S. Myers" <joseph at codesourcery dot com>, GCC Patches <gcc-patches at gcc dot gnu dot org>
- Date: Thu, 6 Jun 2013 15:35:03 +0200
- Subject: Re: [RFC] Implement Undefined Behavior Sanitizer
- References: <20130605175728 dot GD4160 at redhat dot com> <20130605191910 dot GV1493 at tucnak dot redhat dot com> <20130605193508 dot GX1493 at tucnak dot redhat dot com> <20130606060741 dot GY1493 at tucnak dot redhat dot com> <E7819572-65E4-46AE-9891-52222A78077D at kernel dot crashing dot org>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
On Thu, Jun 06, 2013 at 03:26:19PM +0200, Segher Boessenkool wrote:
> >The C++11/C++14 undefined behavior of left signed shift can be tested
> >similarly, if ((unsigned type for op0's type) op0) >> (precm1 - y)
> >is greater than one, then it is undefined behavior.
> >Jason, does
> >http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2013/n3675.html#1457
> >apply just to C++11/C++14, or to C++03 too?
>
> Doesn't DR1457 also leave
>
> neg << 0
>
> as undefined, where "neg" is a negative value? That isn't caught by
> your "greater than one" expression.

Yeah, of course, it needs to be for any shift x << y or x >> y (signed or unsigned):

1) if ((unsigned) y > precm1) ub

plus for signed x << y:

2) for C99/C11 if ((unsigned) x >> (precm1 - y)) ub
3) for C++11/C++14 if (x < 0 || ((unsigned) x >> (precm1 - y)) > 1) ub

	Jakub
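
The three checks from the message above written out as C predicates for `int`, next to the earlier "greater than one" test that `neg << 0` slips past. This is an added example, not part of the original message and not GCC's implementation; the function names are hypothetical, and `precm1` is assumed to mean the type's precision minus one.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumption: precm1 = precision of the type minus one (31 for a 32-bit
   int), taking int to have no padding bits. */
#define PRECM1 ((int)(sizeof(int) * CHAR_BIT) - 1)

/* 1) any x << y or x >> y: negative or too-large shift count. */
static bool shift_count_ub(int y)
{
    return (unsigned)y > (unsigned)PRECM1;
}

/* The earlier, narrower C++11 test quoted in the thread; only valid for an
   in-range y, and it does not flag neg << 0. */
static bool shl_ub_cxx11_draft(int x, int y)
{
    return ((unsigned)x >> (PRECM1 - y)) > 1;
}

/* 1) + 2) C99/C11 signed x << y: a set bit would reach the sign bit or beyond. */
static bool shl_ub_c99(int x, int y)
{
    return shift_count_ub(y) || ((unsigned)x >> (PRECM1 - y)) != 0;
}

/* 1) + 3) C++11/C++14 signed x << y: negative x, or a set bit shifted out
   beyond the top bit. */
static bool shl_ub_cxx11(int x, int y)
{
    return shift_count_ub(y) || x < 0 || ((unsigned)x >> (PRECM1 - y)) > 1;
}

int main(void)
{
    /* Constructed sample operands covering each rule's boundary. */
    const int cases[][2] = { {1, 0}, {-1, 0}, {1, PRECM1}, {2, PRECM1},
                             {3, PRECM1 - 1}, {1, PRECM1 + 1}, {1, -1} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int x = cases[i][0], y = cases[i][1];
        printf("%d << %d: C99 ub=%d, C++11 ub=%d\n", x, y,
               shl_ub_c99(x, y), shl_ub_cxx11(x, y));
    }
    printf("draft check on -1 << 0: ub=%d\n", shl_ub_cxx11_draft(-1, 0));
    return 0;
}
```

The count check is evaluated first so that `precm1 - y` is never used as a shift amount when `y` is out of range.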